March 6, 2007 8:07 AM PST

Security flaws found in fix for Firefox, SeaMonkey

By Dawn Kawamoto
Staff Writer, CNET News

Related Stories: Mozilla releases security updates
February 23, 2007

Mozilla Foundation on Monday issued a critical fix designed to address vulnerabilities in a recent security update for the Firefox browser and SeaMonkey application suite.

The security flaws were discovered in Firefox 1.5.0.9 and 2.0.0.1, as well as in SeaMonkey 1.0.7, according to a security advisory posted by Mozilla.

Security researchers say the initial fix, issued in mid-December, was designed to address vulnerabilities in Firefox, SeaMonkey and Mozilla's Thunderbird e-mail client. But that particular fix introduced a flaw that could allow JavaScript code from Web content to be exploited, then lead to the execution of arbitrary code.

Mozilla advises Firefox users to upgrade to version 1.5.0.10 and 2.0.0.2, and SeaMonkey users to update to version 1.1.1 and 1.0.8.

Disabling JavaScript will not protect users from the vulnerabilities, Mozilla warned.

See more CNET content tagged:
Mozilla Corp., vulnerability, Firefox, fix, security

5 comments

Join the conversation!Add your comment (Log in or register)

The FF 2.0.0.2 upgrade was..

..released on 23rd February, not on "this Monday " (5th March) as the article inaccurately states.

Posted by i_made_this (303 comments )

March 6, 2007 10:03 AM (PST) Like Reply Link Flag

Yeah...: Been running 2.0.0.2 for a while.
Posted by umbrae (1072 comments ): March 6, 2007 12:39 PM (PST) Like Link Flag

Join the conversation

Inside CNET News

1-2 of 12

Scroll Left Scroll Right

Engineered carbon gives batteries, ultracaps a boost
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.

Cutting Edge
Samsung Galaxy Note (AT&T)
Gallery
Apple dethrones Google as most reputable company
Reputation of Apple and Amazon rises while that of many corporations, especially banks, falls in the eyes of the U.S. public, survey finds.

Apple
Police visit Facebook dad who shot daughter's laptop
Tommy Jordan, the man who shot his daughter's laptop for YouTube, gets a visit from police and child protection services. Oh, and Good Morning America.

Technically Incorrect
Tips for keeping your browsing private
Video
Justice Department OKs Google's bid for Motorola
The Justice Department says it doesn't believe that Google's $12.5 billion acquisition of Motorola Mobility will affect competition.

Signal Strength
Ethical manufacturing petition delivered to San Francisco Apple Store
Video
LightSquared strums up political support
LightSquared is rallying its political supporters together as it fights to get approval to build its wireless broadband network from the FCC.

Signal Strength
Mushroom kit has roots in used coffee grounds (video)
As UC Berkeley students, the co-founders of "Back to the Roots" discovered they could grow mushrooms using recycled coffee grounds. Now their mushroom kit sells at grocery stores across the country.

Cutting Edge
Video game Spacewar reborn at 50 (photos)
Gallery
Twikao turns your smiling mug into (^_^)
Free iPhone app converts your facial expressions into Japanese smileys. It could cheer you up when you're feeling ??_?)

Crave
Wash. State senate passes bill to charge EV owners $100 annual fee
The Washington State Senate passed a bill that would charge electric car owners $100 per year to compensate for not paying gas taxes. The bill still has to pass the House.

The Car Tech blog